Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

client.exe

windows7-x64

7

client.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    29/05/2024, 15:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    client.exe

  • Size

    10.8MB

  • MD5

    628acf3baa61a3dec0d77b50dd651bed

  • SHA1

    7f0a9552efeb3858ff510a4a6c8e937a06d7919a

  • SHA256

    72f99cf3ce8539473aab90adc1853bb45ae5e0caa77057b2975059be0d5d8954

  • SHA512

    13c8be9f48848806347ce1db6934554edd2ea50cabb5e74ce365c11a60f606c9037202c7da7a699cfde3a198b08bbc581de6e23e4fff714604b77570624607b4

  • SSDEEP

    196608:LBuNjnz1W903eV4QJ24KF5ikWMWKACyGaA0W8/LV2ck0O1PP1zN3Cu:INjBW+eGQJ2n/ikWMWoaHW8p2YO91py

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\client.exe
    "C:\Users\Admin\AppData\Local\Temp\client.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1224
    • C:\Users\Admin\AppData\Local\Temp\client.exe
      "C:\Users\Admin\AppData\Local\Temp\client.exe"
      2⤵
      • Loads dropped DLL
      PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI12242\python311.dll
    Filesize

    5.5MB

    MD5

    86e0ad6ba8a9052d1729db2c015daf1c

    SHA1

    48112072903fff2ec5726cca19cc09e42d6384c7

    SHA256

    5ecda62f6fd2822355c560412f6d90be46a7f763f0ffeec9854177904632ac2d

    SHA512

    5d6e32f9ff90a9a584183dad1583aea2327b4aea32184b0ebbec3df41b0b833e6bb3cd40822dd64d1033125f52255812b17e4fa0add38fcda6bab1724dfaa2eb

    Download Submit